Web Application Security News
July 27, 2016
Problems with LastPass security might have been improperly disclosed, putting user passwords at higher risk, but the flaws have already been fixed, with an update rolling out now.
April 12, 2016
Customers with hosted sites will now have WordPress SSL turned on for free by default, thanks to Let's Encrypt certificates, potentially making a large number of websites more secure.
January 22, 2016
The security researcher behind the LostPass phishing attack on LastPass has criticized the company's reaction and responses to his findings.
December 11, 2015
News roundup: Cyber politics in U.S., as leaders attempt to balance access to strong encryption with terror threats. Also: Microsoft's German data centers, SHA-1 deprecation schedule, and more.
Web Application Security Get Started
Bring yourself up to speed with our introductory content
Intuit did it. Etsy did it. Netflix did it. How fast moving companies are integrating security into the agile DevOps cycle for continuous deployment of software and services. Continue Reading
Delays, "no" and "redo that work" causes many developers to avoid IT security. With DevOps, proponents aim to make security at scale everybody's problem. Continue Reading
As SSL technology evolves and changes, new vulnerabilities begin to cause problems. Expert Rob Shapland explains how security professionals can overcome these SSL security issues. Continue Reading
Evaluate Web Application Security Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The BREACH attack has been updated to perform faster data theft. Expert Nick Lewis explains the differences in this attack and the threat level for organizations that use Gmail. Continue Reading
The top companies and application security products that organizations consider when they seek to reduce their application vulnerabilities. Continue Reading
The updated Chrome extension policy allows users and developers to only install extensions from the Chrome Web Store. Learn how this affects security and enterprise apps. Continue Reading
Manage Web Application Security
Learn to apply best practices and optimize your operations.
SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated. Continue Reading
Enterprises can't avoid dealing with cloud-based application security any longer. Expert Dejan Lukan discusses the challenges and why they're not as bad as they seem. Continue Reading
SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service. Continue Reading
Problem Solve Web Application Security Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Web application security vulnerabilities exist from browser to SSL/TLS. Expert Brad Causey explains how application security testing and Web application firewalls can address this. Continue Reading
Address bar spoofing attacks can be detrimental to an organization. Expert Michael Cobb details several vulnerabilities and explains how to defend against the threat. Continue Reading
Expert Michael Cobb explains the difference between cross-site scripting and cross-site scripting inclusion (XSSI) flaws. Continue Reading